I know there are other Fortinet Experts who already shared some idea related to this Topic. You should be able to see if the phone is trying to register with its RFC 1918 address and NOT the NAT’d IP of the ASA/Fortigate. 36 mavack 10 days ago SIP ALG on all platforms mangle calls if everything isnt 100 to standard. FortiGate on SIP/ALG/Session Helper If you are looking for some idea on change/tweak on fortigate for SIP/VoIP traffic, I believe the below details could give help you a bit of insight on configuring Fortinet for your SIP/VoIP design. The best way to know if this is causing a problem is to perform a packet capture. Otherwise, firewall policies need to statically open a wide range of ports.ģ) Inspection and logging of VoIP traffic (using ALG/Proxy instead of session-helper). By default FortiOS uses the SIP ALG for SIP traffic. FortiGate DHCP works with DDNS to allow FQDN connectivity to leased IP addresses Static routing Routing concepts. SIP ALG is a feature where the firewall will inspect the SIP packets as they egresses the firewallġ) Modification of IP addresses in the application payload when NAT is used.Ģ) Dynamic opening of data ports (“pinholes”) as required to allow audio traffic. SIP Application Layer Gateway – Cisco and Fortinet
0 kommentar(er)
